The present invention discloses a method of processing a data transfer request securely over a network, the method comprising the steps of obtaining, by a first entity, a first token associated with sensitive data received from a user; associating the first token with a token reference and storing the token reference; sending the token reference to a second entity; requesting a second token from a second entity upon receiving a data transfer request from a third entity, wherein the second token is derived from the first token using an ad hoc logic; and processing the data transfer request using the second token.
Legal claims defining the scope of protection, as filed with the USPTO.
2. The method of claim 1, further comprises requesting a cryptogram from the second entity when requesting the second token.
4. The method of claim 3, wherein the fourth entity is configured to authenticate the user before approving the data transfer request.
5. The method of claim 4, further comprises sending, by the fourth entity, a confirmation of approval of the data transfer request to the first entity and/or the third entity.
6. The method of claim 1, wherein the second token comprises data transmitted in an electronic message having a card number, an expiry date and a CVV field.
7. The method of claim 1, wherein the ad hoc logic comprises splitting the first token into three parts and masking at least two of the three parts to generate the second token.
8. The method of claim 1, wherein the second entity is configured to store the ad hoc logic and update it each time the second token is generated.
9. The method of claim 1, wherein the second token has a predefined expiry period.
10. The method of claim 1, further comprising the second entity verifying credentials of the first entity before issuing the second token.
12. The system of claim 11, wherein the first entity is further configured to receive a cryptogram and the second token from the second entity, and to send the second token and the cryptogram over a public network.
13. The system of claim 11, wherein the first entity is a merchant and the second entity is a tokenization platform.
14. The system of claim 11, wherein the data transfer request is a payment transaction between a merchant and a user.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
December 3, 2020
July 23, 2024
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.